You are not logged in.
I'm running
nginx 1.17.4
php 7.4
arch linux 5.4.2
Trying to execute the following command to get my user MAC address from IP (this script will run on my lan server) and $_SERVER['REMOTE_ADDR'] does return a valid ip
shell_exec("sudo /usr/bin/nmap -n -sn ".$_SERVER['REMOTE_ADDR'])
But it returns null so I tried the following to get a more info
shell_exec("sudo /usr/bin/nmap -n -sn ".$_SERVER['REMOTE_ADDR'] ." 2>&1")
And got the following: sudo: effective uid is not 0, is sudo installed setuid root?
I don't understand why I get this error because I have added the following in my sudder file
http ALL=NOPASSWD: /usr/bin/nmap
I've modified my passwd to allow login from HTTP to try it in shell and it works but not when I run it in the browser.
Help please!
Thanks
Offline
Is php provided by php-fpm using the supplied service file?
Offline
yes it's php-fpm
Offline
Offline
okay so I put the flag to false
NoNewPrivileges=false
but now, I can run the command without any errors but it doesn't seem to find the device I get
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.02 seconds
and when I run it from shell I do get my desired results?
Any ideas?
Thanks
Offline
Offline
thank for the info I did what was in the post but now I get
sudo: setrlimit(RLIMIT_CORE): Operation not permitted
Starting Nmap 7.80 ( https://nmap.org ) at 2019-12-13 19:37 EST
route_dst_netlink: cannot create AF_NETLINK socket: Address family not supported by protocol
I don't get it what's going on this used to work
Offline
You should read the whole php-fpm service file. Several other variables are relevant. This error is directly due to "RestrictAddressFamilies".
"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman
Offline
I commented it out the following line and it seems to work
CapabilityBoundingSet
So thank you for your help, patience and guidance
Offline